FennelCacheBufferParanoia

For debug builds of Fennel on Linux, we allocate cache page buffers with the following special tricks:

• Buffer contents are initially memset to 0xFF for every byte.
• Each buffer is preceded and followed by a "fence" memory page which is set via mprotect to PROT_NONE, causing any attempt to access it (either for read or for write) to result in a segfault. These fence pages are memset to 0XFE for every byte, but normally you can't see that because you can't even read them. Note that the size of a fence page is determined by the Linux page size (normally 4K) and is unrelated to the database cache page size (determined by Fennel's configuration parameters).

We don't do this for optimized builds because two extra OS pages per database cache page is very expensive in terms of memory and address space consumption. But it would be nice to be able to configure this via a parameter instead of hard-coding it based on the build type.

Yet to be done: dynamically adjust cache page accessibility based on whether it is currently mapped and locked; this helps catch stale pointers after a cache page is unlocked. Also, fill each newly mapped cache page with 0xFF if it maps to a newly allocated disk block. This catches page allocation bugs which assume that newly allocated pages start out 0-filled (Fennel provides no such guarantee).